Unpacking the source code
If you have downloaded the gzip
file with the source code and saved it as modsecurity-apache.tar.gz
you can use the following command to unpack it:
$ tar xfvz modsecurity-apache.tar.gz
This will unpack the source code into a subfolder with the name modsecurity-apache
. It will also create a directory structure in this folder where the different subfolders will hold the source code, documentation, and sample rules, among other things. A typical layout of the directories is as follows:
modsecurity/apache2
Contains the source code to ModSecurity as well as the files needed to build the binary module
modsecurity/doc
Contains the ModSecurity reference guide in HTML and PDF format
modsecurity/rules
Contains
.conf
files with pre-configured rules useful for stopping a variety of attacks. These rule files are known as the core ruleset, and this ruleset is continuously refined by Breach Security.modsecurity/tools
Contains supporting tools such as a Perl script to update rules (which is created during the compilation process).